156 matches found
USN-1719-1: Linux kernel (Oneiric backport) vulnerabilities
It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. CVE-2012-2669 Dmitry Monakhov reported a race...
USN-1704-1: Linux kernel (Quantal HWE) vulnerabilities
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Jon Howell reported a flaw in the Linux kernel's KVM Kernel-based virtual machine subsystem's handling of the XSAVE feature. On hosts,...
Slackware Advisory SSA:2004-110-01 utempter security update
The remote host is missing an update as announced via advisory SSA:2004-110-01. OpenVAS Vulnerability Test $Id: esoftslkssa200411001.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Slackware: Security Advisory (SSA:2004-110-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Russian Hacker Arrested For DDoS Attacks on Amazon
Dmitry Olegovich Zubakha, a Russian man accused of launching distributed-denial-of-service DDOS attacks on Amazon.com, has been arrested this week by authorities in Cyprus based on an international warrant, the Department of Justice revealed. Zubakha, a native of Moscow, was indicted for two deni...
SAP Portal - unauthorized file read
Application: SAP Portal Vendor URL: http://www.sap.com Bugs: Directory traversal Exploits: YES Reported: 12.03.2011 Vendor response: 13.03.2011 Date of Public Advisory: 12.09.2012 Reference: SAP Security Note 1707494 Author: Dmitry Chastukhin ERPScan Description It is possible to read files in...
SAP NetWeaver AdapterFramework - information disclosure
Application: SAP NetWeaver J2EE Versions Affected: SAP NetWeaver J2EE Vendor URL: http://www.sap.com Bugs: Information Disclosure Exploits: YES Reported: 06.12.2011 Vendor response: 07.12.2011 Date of Public Advisory: 13.11.2012 Reference: SAP Security Note 1679897 Authors: Dmitry Chastukhin...
[DSECRG-00142] SAP Crystal Reports 2008 - actionNavjsp_xss
XSS vulnerability found in SAP Crystal Report Server 2008 Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://sap.com Bugs: Linked XSS Vulnerability Exploits: YES Reported: 04.03.2010 Vendor response: 05.03.2010 Date of SAPNOTE Publishe...
ESET Smart Security / NOD32 Antivirus LZH Processing Denial of Service
No description provided by source. Oleksiuk Dmitry has discovered a vulnerability in ESET Smart Security and ESET NOD32 Antivirus, which can be exploited by malicious people to cause a DoS Denial of Service. The vulnerability is caused due to an error when processing LZH archives. This can be...
SAP Crystal Reports 2008 — actionNavjsp_xss
Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Linked XSS Vulnerability Exploits: YES Reported: 04.03.2010 Vendor response: 05.03.2010 Date of SAP Security Note Published: 08.10.2010 Date of Public Advisory:...
SAP Crystal Reports 2008 — Directory Traversal
Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Directory Traversal File Read Exploits: YES Reported: 29.03.2010 Vendor response: 30.03.2010 Date of SAP Security Note Published: 08.10.2010 Date of Public Advisory:...
GLSA-200909-10 : LMBench: Insecure temporary file usage
The remote host is affected by the vulnerability described in GLSA-200909-10 LMBench: Insecure temporary file usage Dmitry E. Oboukhov reported that the rccs and STUFF scripts do not handle '/tmp/sdiff.' temporary files securely. NOTE: There might be further occurances of insecure temporary file...
LMBench: Insecure temporary file usage
Background LMBench is a suite of simple, portable benchmarks for UNIX platforms. Description Dmitry E. Oboukhov reported that the rccs and STUFF scripts do not handle "/tmp/sdiff." temporary files securely. NOTE: There might be further occurances of insecure temporary file usage. Impact A local...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : openoffice.org, openoffice.org-amd64 vulnerabilities (USN-677-1)
Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. CVE-2008-2237, CVE-2008-2238 Dmitry E. Oboukhov...
Ubuntu: Security Advisory (USN-677-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-200903-08 : gEDA: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200903-08 gEDA: Insecure temporary file creation Dmitry E. Oboukhov reported an insecure temporary file usage within the sch2eaglepos.sh script. Impact : A local attacker could perform symlink attacks to overwrite arbitrary files...
ksquirrel-libs库RGBE文件解析栈溢出漏洞
BUGTRAQ ID: 33902 CVECAN ID: CVE-2008-5263 ksquirrel-libs是一组KSquirrel的图形解码库。 ksquirrel-libs库的kernel/klshdr/fmtcodechdr.cpp文件中的mtcodec::getHdrHead函数存在栈溢出漏洞,如果用户受骗使用链接到该库的应用程序打开了特制的Radiance RGBE(.hdr)文件的话,就可以触发这个溢出,导致执行任意代码。 Baryshev Dmitry ksquirrel-libs 0.8 厂商补丁: Baryshev Dmitry ---------------...
Honeyd: Insecure temporary file creation
Background Honeyd is a small daemon that creates virtual hosts on a network. Description Dmitry E. Oboukhov reported an insecure temporary file usage within the "test.sh" script. Impact A local attacker could perform symlink attacks and overwrite arbitrary files with the privileges of the user...
USN-677-1: OpenOffice.org vulnerabilities
Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. CVE-2008-2237, CVE-2008-2238 Dmitry E. Oboukhov...
DSA-1643-1 feta - denial of service
Bulletin has no description...